Signal, the non-profit behind one of the world’s most widely used secure messaging protocols, has unveiled the Triple Ratchet, a major upgrade which introduces post-quantum cryptography into everyday encrypted communications. The new system aims to protect users not only from current threats, but also from those posed by future quantum computers.
Sparse Post-Quantum Ratchet (SPQR) is a cryptographic advancement designed to keep messages secure even if quantum computers one day become powerful enough to break traditional encryption. SPQR is now being combined with the existing Double Ratchet protocol to form what Signal calls the Triple Ratchet.
This hybrid approach allows Signal to offer post-quantum Forward Secrecy (FS) and Post-Compromise Security (PCS) — ensuring that:
- Past messages remain safe even if keys are compromised in the future (FS)
- Future messages can recover even after a compromise occurs (PCS)
By integrating both quantum-resistant and traditional cryptographic methods, Signal creates a system where attackers would need to break both to access a message — an exceptionally difficult task, even with future technology.
Even though quantum computers capable of breaking current cryptographic algorithms aren’t here yet, the threat is real — especially for harvest-now, decrypt-later attacks. Adversaries could collect encrypted messages today and decrypt them in the future once quantum capabilities mature.
Signal has already taken steps toward quantum resistance with PQXDH, a quantum-safe session setup protocol. Now, the Triple Ratchet extends that protection throughout the entire messaging session, not just the handshake.
Signal’s team faced several technical challenges in building SPQR and integrating it efficiently, and addressed them with the following design choices:
- Quantum-safe key exchange is done via ML-KEM, a standardized key encapsulation mechanism.
- Messages now carry chunks of large post-quantum keys, but bandwidth is minimized using erasure coding — a technique that allows keys to be rebuilt even if some messages are lost.
- A carefully designed state machine governs message flow, ensuring smooth ratcheting even when devices are offline or messages arrive out of order.
- Security and performance were both critical — the protocol is optimized to minimize bandwidth use, maximize efficiency, and resist downgrade attacks.
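The erasure-coding point above, as an added illustration that is not Signal's code: a systematic Reed-Solomon-style code over GF(2^8) splits a large post-quantum key into K data chunks plus N-K parity chunks, and any K of the N chunks rebuild the whole key, so a few dropped messages do not stall the ratchet. The page does not give Signal's actual code parameters; K, N and the sample key are constructed assumptions.

```python
# Added example, not Signal's implementation. Systematic erasure code over
# GF(2^8): chunk i (1..K) is a key slice, chunks K+1..N are parity values.
K, N = 4, 6          # constructed: 4 data chunks + 2 parity chunks per key
POLY = 0x11D         # reducing polynomial x^8+x^4+x^3+x^2+1 for GF(2^8)
# Constructed stand-in for an ML-KEM-768 public key (1184 bytes); not a real key.
SAMPLE_KEY = bytes((i * 7 + 3) & 0xFF for i in range(1184))

def gf_mul(a, b):
    """Multiply two elements of GF(2^8)."""
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a = (a << 1) ^ (POLY if a & 0x80 else 0)
        b >>= 1
    return r

def gf_inv(a):
    """Inverse of a nonzero element as a^254 (square-and-multiply)."""
    r, e = 1, 254
    while e:
        r = gf_mul(r, a) if e & 1 else r
        a, e = gf_mul(a, a), e >> 1
    return r

def interpolate(points, x):
    """Lagrange-evaluate at x the unique polynomial through [(xi, yi)]; '-' is XOR."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num, den = gf_mul(num, x ^ xj), gf_mul(den, xi ^ xj)
        total ^= gf_mul(yi, gf_mul(num, gf_inv(den)))
    return total

def encode(key):
    """Return {chunk_index: bytes}; parity chunks are computed per byte column."""
    size = len(key) // K
    data = [key[i * size:(i + 1) * size] for i in range(K)]
    chunks = {i + 1: data[i] for i in range(K)}
    for x in range(K + 1, N + 1):
        chunks[x] = bytes(interpolate([(i + 1, d[b]) for i, d in enumerate(data)], x) for b in range(size))
    return chunks

def decode(received):
    """Rebuild the key from any K surviving chunks; fewer than K is unrecoverable."""
    if len(received) < K:
        raise ValueError("too many chunks lost: need at least %d" % K)
    pts = sorted(received.items())[:K]
    size = len(pts[0][1])
    return bytes(interpolate([(xi, yi[b]) for xi, yi in pts], x) for x in range(1, K + 1) for b in range(size))
```

Dropping up to N-K chunks from `encode(SAMPLE_KEY)` still lets `decode` return the original key; one more loss raises `ValueError`, which is the signal to resend.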
To back its security claims, Signal built the new protocol using formal verification from the start. Every part of the system was mathematically modeled and proven secure using tools like ProVerif and F*. This process is integrated directly into Signal’s CI pipeline, meaning that every code change must pass formal checks before it goes live.
The new protocol is being deployed gradually in a backward-compatible way:
- If one user hasn’t yet upgraded to SPQR, the session will temporarily fall back to the existing protocol.
- Once all parties in a conversation support SPQR, the new protections silently activate.
Eventually, Signal will enforce SPQR for all new sessions, retiring legacy-only sessions to guarantee full coverage.
Importantly, this entire transition is happening without requiring users to do anything.
Signal’s Triple Ratchet update is an example of cryptographic foresight in consumer messaging apps: it adds quantum resistance without compromising today’s security, maintains efficient performance on everyday devices, and uses formal verification for provable safety.